Access "Laws of security: 10 security best practices"
This article is part of the May 2004 issue of Are you secure? Adam Putnam says, "Prove it!"
Ever notice how magazines try to pull you in by running a list on something you can't do without? ("47 ways to recharge your sex life," "59 patio redecorating tips," etc.) Well, if you're still reading, it worked. Most of these laws are the result of a collaborative effort. Tip o' the hat to Fred Avolio, Jay Heiser, Pete Lindstrom, Marcus Ranum and Joel Snyder for their input. You cannot eliminate risk. You can mitigate risk. You can insure against it. You can even ignore or accept it. But you can't eliminate it. Same goes for the components of risk: vulnerabilities, threats and impact. CEO's mantra: Make more, spend less. CEOs invest in security for two primary reasons: to comply with regulations; and to protect corporate image, brand, reputation and intellectual property. Your job is to demonstrate how spending a dime on security today saves the company a dollar tomorrow. "Good" security: No. "Good enough" security: Yes. It's often said that security is successful when nothing happens. But that doesn't mean a single breach means failure. You have to accept... Access >>>
Premium Content for Free.
Should new information security laws include auditing requirements?
by Erik Sherman
Get your security act together or Adam Putnam will do it for you. Federal information security laws and regulations could be the next thing infosec management has to worry about. Here you will learn about pending security laws requring security auditing requirements in this feature.
Exploring additional technologies to support antivirus scanning
by George A. Chidi Jr.
Security managers are looking beyond conventional AV to ensure business continuity and improve disaster recovery times.
Using email spam filtering techniques to get rid of spam
by Amber Plante
Filters stem the flow of junk email, but spam remains a big distraction. Learn how to use spam filtering techniques to get rid of spam.
- Should new information security laws include auditing requirements? by Erik Sherman
Secure data transmission with wireless access controllers
by Jon Edney
Sending data over the airwaves is risky. Wireless access controllers assure secure data transmission and reception.
Why and how the CISO job description is changing
by Gary Lynch
Reinvent your job or watch it disappear.
- Secure data transmission with wireless access controllers by Jon Edney
Government cybersecurity: What is being done to fight cybercrime?
by Lawrence M. Walsh
Learn what can be done to fight cybercrime against privately owned networks.
Industry needs less ethical computer hacking, more risk management strategies
by Jay Heiser, Contributor
Enterprises need less ethical computer hacking and a better risk management strategy.
How to avoid Windows XP Service Pack 2 problems
by Victor R. Garza
Testing XP SP2 beta today will pay off in the long run and help admins to avoid any Windows XP Service Pack 2 problems.
Enhancing secure coding practices to secure your machine
by Pete Lindstrom, Contributor
Learn preventative measures to help improve secure coding practices and protect and secure your machine from the latest threats.
Laws of security: 10 security best practices
by Andrew Briney
Learn the laws of security and 10 security best practices.
- Government cybersecurity: What is being done to fight cybercrime? by Lawrence M. Walsh
More Premium Content Accessible For Free
As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...
This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...
Despite the enormous concerns around cloud security, many information security professionals remain on the sidelines when it comes to their ...